dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/colony: Initial (attempt at) switch to ColoClue

Browse Source
This commit is contained in:
Jack O'Sullivan
2022-10-06 19:03:29 +01:00
parent c267640925
commit e8d6a702e6
4 changed files with 51 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/default.nix
View File

@@ -201,11 +201,11 @@ rec {
dockerNetAssignment =
assignments: name: with assignments."${name}".internal; "ip=${ipv4.address},ip=${ipv6.address}";
colony = rec {
domain = "fra1.int.${pubDomain}";
domain = "ams1.int.${pubDomain}";
start = {
all = {
v4 = "10.100.";
v6 = "2a0e:97c0:4d1:1";
v6 = "2a0e:97c0:4d2:1";
};
base = {
v4 = "${start.all.v4}0.";

63
nixos/boxes/colony/vms/default.nix
View File

@@ -44,33 +44,33 @@
systemd = {
network = {
links = {
"10-wan10g" = {
matchConfig.Path = "pci-0000:2d:00.0";
linkConfig.Name = "wan10g";
};
#"10-wan10g" = {
# matchConfig.Path = "pci-0000:2d:00.0";
# linkConfig.Name = "wan10g";
#};
};
netdevs = {
"25-vm-wan10g" = {
netdevConfig = {
Name = "vm-wan10g";
Kind = "macvtap";
};
# TODO: Upstream this missing section
extraConfig = ''
[MACVTAP]
Mode=passthru
'';
};
#"25-vm-wan10g" = {
# netdevConfig = {
# Name = "vm-wan10g";
# Kind = "macvtap";
# };
# # TODO: Upstream this missing section
# extraConfig = ''
# [MACVTAP]
# Mode=passthru
# '';
#};
};
networks = {
"75-wan10g" = {
matchConfig.Name = "wan10g";
networkConfig.MACVTAP = "vm-wan10g";
};
"75-vm-wan10g" = {
matchConfig.Name = "vm-wan10g";
linkConfig.RequiredForOnline = "no";
};
#"75-wan10g" = {
# matchConfig.Name = "wan10g";
# networkConfig.MACVTAP = "vm-wan10g";
#};
#"75-vm-wan10g" = {
# matchConfig.Name = "vm-wan10g";
# linkConfig.RequiredForOnline = "no";
#};
};
};
@@ -98,14 +98,15 @@
};
memory = 3072;
networks = {
wan = {
ifname = "vm-wan10g";
bridge = null;
tapFD = 100;
# Real hardware MAC
mac = "00:02:c9:56:24:6e";
waitOnline = false;
};
# Mellanox ConnectX-2 hackery
#wan = {
# ifname = "vm-wan10g";
# bridge = null;
# tapFD = 100;
# # Real hardware MAC
# mac = "00:02:c9:56:24:6e";
# waitOnline = false;
#};
base = {
waitOnline = "carrier";
mac = "52:54:00:15:1a:53";

27
nixos/boxes/colony/vms/estuary/default.nix
View File

@@ -10,15 +10,15 @@
altNames = [ "fw" ];
domain = lib.my.colony.domain;
ipv4 = {
address = "212.83.51.97";
address = "94.142.240.44";
mask = 24;
gateway = "212.83.51.1";
gateway = "94.142.240.254";
genPTR = false;
};
ipv6 = {
address = "2a00:f48:103:2::10";
address = "2a02:898:0:20::329:1";
mask = 64;
gateway = "2a00:f48:103:2::1";
gateway = "2a02:898:0:20::1";
genPTR = false;
};
};
@@ -39,7 +39,7 @@
inherit (lib.my) networkdAssignment;
in
{
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ./dns.nix ./bandwidth.nix ];
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ./dns.nix ];
config = mkMerge [
{
@@ -81,7 +81,7 @@
in
{
description = "Frequent ICMP6 neighbour solicitations";
enable = true;
enable = false;
requires = [ waitOnline ];
after = [ waitOnline ];
script = ''
@@ -97,14 +97,15 @@
systemd.network = {
links = {
"10-phy1g0" = {
matchConfig.MACAddress = "d0:50:99:fa:a7:99";
linkConfig.Name = "phy1g0";
};
"10-wan" = {
matchConfig.MACAddress = "00:02:c9:56:24:6e";
matchConfig.MACAddress = "d0:50:99:fa:a7:99";
linkConfig.Name = "wan";
};
# Mellanox ConnectX-2
#"10-wan" = {
# matchConfig.MACAddress = "00:02:c9:56:24:6e";
# linkConfig.Name = "wan";
#};
"10-base" = {
matchConfig.MACAddress = "52:54:00:15:1a:53";
@@ -126,8 +127,8 @@
];
networkConfig = {
# We're using an explicit gateway and Linux uses link local address for neighbour discovery, so we
# get lost to the router...
LinkLocalAddressing = "no";
# get lost to the router... (this was true in 23M Frankfurt)
#LinkLocalAddressing = "no";
IPv6AcceptRA = false;
};
};

6
nixos/boxes/colony/vms/estuary/dns.nix
View File

@@ -7,8 +7,8 @@ let
ptrDots = 2;
reverseZone = "100.10.in-addr.arpa";
ptrDots6 = 20;
reverseZone6 = "1.d.4.0.0.c.7.9.e.0.a.2.ip6.arpa";
ptr6ValTrim = (stringLength "2a0e:97c0:4d1:") + 1;
reverseZone6 = "2.d.4.0.0.c.7.9.e.0.a.2.ip6.arpa";
ptr6ValTrim = (stringLength "2a0e:97c0:4d2:") + 1;
authZones = attrNames config.my.pdns.auth.bind.zones;
in
@@ -76,7 +76,7 @@ in
lua-dns-script = pkgs.writeText "pdns-script.lua" ''
function preresolve(dq)
if dq.qname:equal("nix-cache.nul.ie") then
dq:addAnswer(pdns.CNAME, "http.fra1.int.nul.ie.")
dq:addAnswer(pdns.CNAME, "http.${config.networking.domain}.")
dq.rcode = 0
dq.followupFunction = "followCNAMERecords"
return true